Cybersecurity remains an elusive business priority

I’ve been remiss by not blogging earlier this year about ESG’s annual IT spending intentions research. The year 2017 continues to follow a pattern: Cybersecurity is a high business and IT priority for most organizations. Based upon a global survey of 641 IT and cybersecurity professionals, the ESG research reveals: While just over half (53%) of organizations plan on increasing IT spending overall this year, 69% said they are increasing spending on cybersecurity. As far as cybersecurity spending goes, 48% will make their most significant cybersecurity technology investments in cloud security, 39% will in network security, 30% in endpoint security, and 29% in security analytics.    Respondents were asked which business outcomes were their highest priorities for this year. The top three results were as follows: 43% said “reducing costs,” 40% said “increasing productivity," and 39% said “improving information security.”  When asked which business initiatives will drive the most IT spending, 39% said “increasing cybersecurity,” the top selection of all. When asked to identify the most important IT initiatives for this year, the number one answer was “strengthening cybersecurity controls and processes.”  For the sixth year in a row, survey respondents said cybersecurity is the area where Continue reading

Cybersecurity Remains an Elusive Business Priority

I’ve been remiss by not blogging earlier this year about ESG’s annual IT spending intentions research (note: I am an ESG employee).  The year 2017 continues to follow a pattern – cybersecurity is a high business and IT priority for most organizations. Based upon a global survey of 641 IT and cybersecurity professionals, the ESG research reveals: While just over half (53%) of organizations plan on increasing IT spending overall this year, 69% say they are increasing spending on cybersecurity.  As far as cybersecurity spending goes, 48% will make their most significant cybersecurity technology investments in cloud security 39% will in network security, 30% in endpoint security, and 29% in security analytics.    Respondents were asked which business outcomes were their highest priorities for this year.  The top three results were as follows: 43% said “reducing costs,” 40% said “increasing productivity, and 39% “improving information security.”  When asked which business initiatives will drive the most IT spending, 39% said, “increasing cybersecurity,” the top selection of all. When asked to identify the most important IT initiatives for this year, the number one answer was, “strengthening cybersecurity controls and processes.”  For the 6th year Continue reading

Worth Reading: IPv6 data exfiltration

The transition to internet protocol version 6 has opened up a whole new range of threat vectors that allow attackers to set up undetectable communications channels across networks, researchers have found. A paper has been published by researchers at the NATO defence alliance’s Cooperative Cyber Defence Centre of Excellence and Estonia’s Tallinn University of Technology. It outlines how attackers can create covert data exfiltration channels and system remote control, using IPv6 transition mechanisms. IPv6 aims to remove the technical drawbacks of the older IPv4 addressing scheme but brings its own fresh set of dangers, the researchers warned. Since IPv6 implementations and security solutions are relatively new and untested, and systems engineers aren’t fully aware of them, the new protocol can become a network backdoor attackers can exploit undetected. —itnews

The post Worth Reading: IPv6 data exfiltration appeared first on rule 11 reader.

Meanwhile in China: Surveillance required on public Wi-Fi

Every once in a while, something in China that sounds like it came out of a dystopian movie catches my attention.China’s great surveillance machine seems to know no bounds. China has already cracked down on unauthorized VPN use. Last month, we learned that if you want toilet paper at one UNESCO World Heritage Site in China, then you must submit to facial recognition in order to be issued a strip of toilet paper. This time, we are looking at China requiring surveillance technology on public Wi-Fi and Chinese loan startups determining credit-worthiness by the model of smartphones used and if the battery runs low.To read this article in full or to leave a comment, please click here

Meanwhile in China: Surveillance required on public Wi-Fi

Every once in a while, something in China that sounds like it came out of a dystopian movie catches my attention.China’s great surveillance machine seems to know no bounds. China has already cracked down on unauthorized VPN use. Last month, we learned that if you want toilet paper at one UNESCO World Heritage Site in China, then you must submit to facial recognition in order to be issued a strip of toilet paper. This time, we are looking at China requiring surveillance technology on public Wi-Fi and Chinese loan startups determining credit-worthiness by the model of smartphones used and if the battery runs low.To read this article in full or to leave a comment, please click here

Can Container Security Surpass That of Virtual Machines?

Containers certainly face security threats that virtual machines do not.

Uber offers new dispatch service for businesses

Uber wants businesses to do away with shuttle buses for customers, and has launched a new service aimed at making it easier for companies to hail cars on other people’s behalf. Called Uber Central, the software lets users request cars even for people who don’t have accounts with the ride-hailing company.Here’s how it works: company employees who have access to the Uber Central console input a customer’s name and phone number, along with their pickup and drop-off address. After that, they can request a ride from Uber’s menu of services, or save the data as a draft for easier use later.The Uber Central dashboard, which is available worldwide, also lets employees track the status of rides. It’s built on top of Uber for Business, a version of the ride-hailing platform that has been built for use by companies rather than individuals.To read this article in full or to leave a comment, please click here

Announcing Ansible Container 0.9

The Ansible Container team is proud to announce the 0.9 release of the Ansible Container project. Key new features of the 0.9 release include:

Tighter integration with Ansible roles

Ansible roles are a great way to describe microservices; roles that are "common" between multiple services map well to container image layers and service-specific roles are easy for teams to maintain. We decided to make that concept clearer in the way Ansible Container works. We ditched the main.yml playbook and replaced it with a per-service list of roles in container.yml.

Tighter integration with Kubernetes in OpenShift Origin and Red Hat OpenShift Container Platform

We've built brand new Kubernetes and OpenShift modules for Ansible, and are already using them in Ansible Container. We've also restructured the container.yml syntax to more naturally support Kubernetes and OpenShift concepts out of the box, then fall back to the comparatively simpler Docker ecosystem. Instead of trying to bolt Kubernetes features into the Docker Compose style schema, we have dedicated OpenShift/Kubernetes configuration for resources like Persistent Volume Claims. This will allow end users to transfer existing Ansible roles into Kubernetes/OpenShift and have Ansible Container manage the deployment lifecycle.

Putting more tools into the Continue reading

Announcing LinuxKit: A Toolkit for building Secure, Lean and Portable Linux Subsystems

Last year, one of the most common requests we heard from our users was to bring a Docker-native experience to their platforms. These platforms were many and varied: from cloud platforms such as AWS, Azure, Google Cloud, to server platforms such as Windows Server, desktop platforms that their developers used such as OSX and Windows 10, to mainframes and IoT platforms –  the list went on.

We started working on support for these platforms, and we initially shipped Docker for Mac and Docker for Windows, followed by Docker for AWS and Docker for Azure. Most recently, we announced the beta of Docker for GCP. The customizations we applied to make Docker native for each platform have furthered the adoption of the Docker editions.

One of the issues we encountered was that for many of these platforms, the users wanted Linuxcontainer support but the platform itself did not ship with Linux included. Mac OS and Windows are two obvious examples, but cloud platforms do not ship with a standard Linux either. So it made sense for us to bundle Linux into the Docker platform to run in these places.

What we needed to bundle was a secure, lean and portable Linux Continue reading

Introducing Moby Project: a new open-source project to advance the software containerization movement

Since Docker democratized software containers four years ago, a whole ecosystem grew around containerization and in this compressed time period it has gone through two distinct phases of growth. In each of these two phases, the model for producing container systems evolved to adapt to the size and needs of the user community as well as the project and the growing contributor ecosystem.

The Moby Project is a new open-source project to advance the software containerization movement and help the ecosystem take containers mainstream. It provides a library of components, a framework for assembling them into custom container-based systems and a place for all container enthusiasts to experiment and exchange ideas.

Let’s review how we got where we are today. In 2013-2014 pioneers started to use containers and collaborate in a monolithic open source codebase, Docker and few other projects, to help tools mature.

Then in 2015-2016, containers were massively adopted in production for cloud-native applications. In this phase, the user community grew to support tens of thousands of deployments that were backed by hundreds of ecosystem projects and thousands of contributors. It is during this phase, that Docker evolved its production model to an open component based approach. In Continue reading

IoT meets augmented reality

PTC has assembled a robust portfolio of Internet of Things technologies that, when combined with the company’s history in digital 3D design and Product Lifecycle Management (PLM) tools, makes for some interesting new ways to bridge the physical and digital worlds.  To see how it all adds up, Network World Editor in Chief John Dix caught up with Michael Campbell, Executive Vice President of PTC’s ThingWorx IoT platform. Campbell, who has been with PTC since 1995, has a background in 3D CAD and visualization, and ran the company’s CAD business for years when they started to think about the convergence of IoT and 3D and how it might all come together in augmented and virtual reality. To read this article in full or to leave a comment, please click here

Star Trek medical tricorder closer to becoming reality

You know how on Star Trek doctors can diagnose what’s wrong with you just by waving a sparkly little salt shaker (no, really) over your body, or read your vital signs from a medical tricorder—a device that looks suspiciously like an old cassette recorder? Well, not surprisingly, it turns out that kind of medical technology would be tremendously valuable in the real world, and a pair of recent reports suggests we may be actually getting close to achieving it.Just like a Star Trek tricorder, only clunkier First, the $10 million Qualcomm Tricorder XPrize has been awarded for creating mobile devices that can non-invasively diagnose 13 medical conditions—and can be used by consumers without requiring professional help.To read this article in full or to leave a comment, please click here

Response: The Network Collective, Episode 1

The end of March brought with it the first episode of a neat new project called The Network Collective, a video roundtable for networking engineers. The hosts and co-founders of this escapade are Jordan Martin (@BCJordo), Eyvonne Sharp (@SharpNetwork) and Phil Gervasi (@Network_Phil).

Top 10 Ways To Break Your Network

Episode 1 brought three guests to the virtual table: Carl Fugate, Mike Zsiga and Jody Lemoine, the latter of whom (top right on the YouTube video) is actually blurry in real life, and this is not a video artifact. The topic for discussion was the Top 10 Ways To Break Your Network. Thankfully, the show didn’t actually provide tips on how to break your network — as if we need any help doing that — but instead looked at the shameful ways in which each participant had managed to cause network destruction in the past, and what lessons could be learned.

The fact that five of six experienced professionals are willing to own up to their blunders (one brought a colleague’s mistake to put up on the chopping block) actually signals one of the most important lessons that the episode highlighted, which is Continue reading

Future iMac Pro models to feature ‘server grade’ internals

It’s been a long while since we’ve seen any meaningful update to Apple’s iMac line, but as the company revealed a few weeks ago, there are some new and exciting updates in the works.As Apple executives told a handful of journalists recently, the company is working on a brand-new iMac Pro model. And while the company didn’t provide any significant details, they did make a point of stressing that a touchscreen iMac is not in the works.“Touch doesn’t even register on the list of things pro users are interested in talking about,” Phil Schiller said. “They're interested in things like performance and storage and expandability.”Now comes word via Digitimes that Apple’s new iMac Pro models—which will still measure in at 21.5 and 27-inches—will feature “server grade” internals.To read this article in full or to leave a comment, please click here

Tiny gadget roundup time!

Being little doesn’t necessarily mean that you aren’t important, but sometimes I get a bunch of little gadgets that do simple things that don’t warrant a fuller review/writeup. I save these for this type of post. Lots of little gadgets to help you along your journey in life. Let’s begin! Ventev The Ventev Chargestand 3000c combines a portable battery, power cable (Lightning or Micro USB, depending on which option you choose) and mini-stand in one small package. When the battery is charged via USB, you can flip open the lid (like an old-school flip phone) and rest your smartphone on the tip of the power cable.To read this article in full or to leave a comment, please click here

H-1B visa demand slips; analysts see Trump effect

The U.S. government today said it received 199,000 H-1B visa petitions for the upcoming 2018 fiscal year -- 37,000 less than in 2016.The government will issue 85,000 visas distributed via a computer-generated lottery. The winners will be able to use their visas at the start of the federal fiscal year, which begins Oct. 1.[ Further reading: Hottest jobs, cities and industries for IT pay in 2017 ] Industry analysts see President Donald Trump's actions and campaign rhetoric as having had an impact on the offshore outsourcing industry, which includes the largest users of H-1B visa workers. Firms considering shipping IT jobs overseas appear now to be more cautious than in recent years.To read this article in full or to leave a comment, please click here

The strange new world of hiring and employee tracking

Your employer wants to hire top salespeople and is counting on HR to deliver the best. There's the old-fashioned way: collect resumes, sort for keywords, check on social networks, get referrals and interview.But what about geotagging?Employers often have "top performer clubs" for their salespeople. Incentives for these top performers usually involve rewards such as trips to Hawaii, the Caribbean or Italy."That's fairly public knowledge," said Bertrand Dussert, vice president of Human Capital Management (HCM) transformation and thought leadership at Oracle. "You can assemble the known list of salespeople and compare it to geotagged tweets." (Clues can be found on the web. For instance, see this corporate blog post, Italy Awaits Adobe's Top Sales Performers).To read this article in full or to leave a comment, please click here

Five pitfalls to avoid when migrating to the cloud

Mistakes can be costly. They also can be so painful they keep you from venturing any further ahead.Of course, that's true with almost anything tech-related, but IT managers will tell you that there are some common, and potentially damaging, pitfalls that anyone looking at a cloud migration should work to avoid.Migration mistakes can cost the enterprise money and time, and eliminate or reduce any expected increases in agility as well as speed and cost savings.Those stumbles and losses could cause business execs to back off from a bigger cloud migration. It also could cause execs to lose faith in their IT leaders."This is part of the learning curve," said Deepak Mohan, an analyst with IDC. "The negatives are attributed to the cloud and not to these mistakes that need to be corrected... If a company does not realize the cost savings and they fail to see the results they thought they'd get, the result is that there is a drop in faith and a lowering of confidence in your cloud strategy. And that will cause a slowdown in adoption."To read this article in full or to leave a comment, please click here

How to prevent your mobile app from getting hacked

Trivial matter?Image by Steve Traynor/IDGThe average user has around 26 to 55 applications downloaded to his smartphone device. Most likely, you have entertainment and gaming apps, a banking app, a few social media apps, fitness apps, and eCommerce apps to shop at your favorite stores.To read this article in full or to leave a comment, please click here

Trump to order wholesale H-1B reform

President Donald Trump will sign an executive order Tuesday dubbed "Buy American, Hire American" that calls for sweeping reform of the H-1B visa process.Its centerpiece is the replacement of the H-1B lottery with a system that distributes visas on the basis of wages, skills and education."We want to switch away from a random lottery system, in which it's weighted toward the lowest wage workers, towards a system that prioritizes higher skilled, higher paid workers," said a senior administration official, in a background briefing to reporters on the condition that officials not be identified.Such an H-1B reform "would make it much more difficult to use it to replace American workers," the administration official said.To read this article in full or to leave a comment, please click here